/*     */ package com.zimbra.qa.unittest.prov.ldap;
/*     */ 
/*     */ import com.google.common.collect.Maps;
/*     */ import com.zimbra.common.account.Key.AccountBy;
/*     */ import com.zimbra.common.account.ZAttrProvisioning.AccountStatus;
/*     */ import com.zimbra.common.service.ServiceException;
/*     */ import com.zimbra.cs.account.Account;
/*     */ import com.zimbra.cs.account.AccountServiceException;
/*     */ import com.zimbra.cs.account.Domain;
/*     */ import com.zimbra.cs.account.Provisioning;
/*     */ import com.zimbra.cs.account.auth.AuthContext.Protocol;
/*     */ import java.io.PrintStream;
/*     */ import java.util.Map;
/*     */ import org.junit.AfterClass;
/*     */ import org.junit.Assert;
/*     */ import org.junit.BeforeClass;
/*     */ import org.junit.Test;
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ 
/*     */ public class TestAccountLockout
/*     */   extends LdapTest
/*     */ {
/*  42 */   private final String BAD_PASSWORD = "badpasssword";
/*  43 */   private final String GOOD_PASSWORD = "test123";
/*  44 */   private final int LOCKOUT_AFTER_NUM_FAILURES = 3;
/*  45 */   private final int LOCKOUT_DURATION_SECONDS = 10;
/*     */   private static LdapProvTestUtil provUtil;
/*     */   private static Provisioning prov;
/*     */   private static Domain domain;
/*     */   
/*     */   @BeforeClass
/*     */   public static void init()
/*     */     throws Exception
/*     */   {
/*  54 */     provUtil = new LdapProvTestUtil();
/*  55 */     prov = provUtil.getProv();
/*  56 */     domain = provUtil.createDomain(baseDomainName());
/*     */   }
/*     */   
/*     */   @AfterClass
/*     */   public static void cleanup() throws Exception {
/*  61 */     Cleanup.deleteAll(new String[] { baseDomainName() });
/*     */   }
/*     */   
/*     */   private Account createAccount(String localPart) throws Exception {
/*  65 */     return provUtil.createAccount(localPart, domain);
/*     */   }
/*     */   
/*     */   private void deleteAccount(Account acct) throws Exception {
/*  69 */     provUtil.deleteAccount(acct);
/*     */   }
/*     */   
/*     */   public void lockout(Account acct) throws Exception {
/*  73 */     String acctId = acct.getId();
/*     */     
/*  75 */     Map<String, Object> attrs = Maps.newHashMap();
/*     */     
/*     */ 
/*  78 */     attrs.put("zimbraPasswordLockoutEnabled", "TRUE");
/*  79 */     attrs.put("zimbraPasswordLockoutDuration", "10s");
/*  80 */     attrs.put("zimbraPasswordLockoutMaxFailures", "3");
/*  81 */     attrs.put("zimbraPasswordLockoutFailureLifetime", "30s");
/*     */     
/*     */ 
/*     */ 
/*  85 */     attrs.put("zimbraAccountStatus", "active");
/*  86 */     attrs.put("zimbraPasswordLockoutLockedTime", "");
/*  87 */     attrs.put("zimbraPasswordLockoutFailureTime", "");
/*     */     
/*  89 */     prov.modifyAttrs(acct, attrs);
/*     */     
/*     */ 
/*  92 */     for (int i = 0; i <= 3; i++)
/*     */     {
/*  94 */       boolean authFailed = false;
/*     */       try {
/*  96 */         prov.authAccount(acct, "badpasssword", AuthContext.Protocol.test);
/*     */       } catch (ServiceException e) {
/*  98 */         if ("account.AUTH_FAILED".equals(e.getCode())) {
/*  99 */           authFailed = true;
/*     */         }
/*     */       }
/* 102 */       Assert.assertTrue(authFailed);
/*     */       
/*     */ 
/* 105 */       acct = prov.get(Key.AccountBy.id, acctId);
/*     */       
/* 107 */       if (i >= 2) {
/* 108 */         Assert.assertEquals("lockout", acct.getAttr("zimbraAccountStatus"));
/*     */       } else {
/* 110 */         Assert.assertEquals("active", acct.getAttr("zimbraAccountStatus"));
/*     */       }
/*     */       
/*     */ 
/* 114 */       Thread.sleep(2000L);
/*     */     }
/*     */   }
/*     */   
/*     */   @Test
/*     */   public void successfulLogin() throws Exception {
/* 120 */     Account acct = createAccount(genAcctNameLocalPart());
/* 121 */     lockout(acct);
/*     */     
/*     */ 
/* 124 */     boolean authFailed = false;
/*     */     try {
/* 126 */       prov.authAccount(acct, "test123", AuthContext.Protocol.test);
/*     */     } catch (ServiceException e) {
/* 128 */       if ("account.AUTH_FAILED".equals(e.getCode())) {
/* 129 */         authFailed = true;
/*     */       }
/*     */     }
/* 132 */     Assert.assertTrue(authFailed);
/*     */     
/*     */ 
/* 135 */     int wait = 11;
/* 136 */     System.out.println("Sleep for " + wait + " seconds");
/* 137 */     Thread.sleep(wait * 1000);
/*     */     
/*     */ 
/* 140 */     prov.authAccount(acct, "test123", AuthContext.Protocol.test);
/* 141 */     ZAttrProvisioning.AccountStatus status = acct.getAccountStatus();
/* 142 */     Assert.assertEquals(ZAttrProvisioning.AccountStatus.active, status);
/*     */     
/* 144 */     deleteAccount(acct);
/*     */   }
/*     */   
/*     */   @Test
/*     */   public void ssoWhenAccountIsLockedout() throws Exception {
/* 149 */     Account acct = createAccount(genAcctNameLocalPart());
/* 150 */     lockout(acct);
/*     */     
/* 152 */     boolean authFailed = false;
/*     */     try {
/* 154 */       prov.ssoAuthAccount(acct, AuthContext.Protocol.test, null);
/*     */     } catch (AccountServiceException e) {
/* 156 */       if ("account.AUTH_FAILED".equals(e.getCode())) {
/* 157 */         authFailed = true;
/*     */       }
/*     */     }
/* 160 */     Assert.assertTrue(authFailed);
/*     */     
/* 162 */     deleteAccount(acct);
/*     */   }
/*     */ }


/* Location:              /home/mint/zimbrastore.jar!/com/zimbra/qa/unittest/prov/ldap/TestAccountLockout.class
 * Java compiler version: 7 (51.0)
 * JD-Core Version:       0.7.1
 */